0. Introduction

There is a body of literature describing formal methods which have been, or
are being, developed to support the design and development of various
"real-time" systems. We are referring here, more specifically, to systems which
operate in real-time computation/control/communication environments where
timeliness is a principal requirement. (Excluded, therefore, are so-called
"on-line" environments such as airline reservations and inventory control where
timing demands are less severe.) In addition to timeliness, these systems must
typically satisfy other needs that are characteristic of avionic and control
applications, e.g., needs for fault-tolerance, degradable performance,
distributed architectures, and concurrent (parallel) execution of tasks.
Accordingly, many design and validation problems precipitated by these needs
are common, in varying degrees and forms, to a variety of real-time systems.
Along with avionic systems, these include other vehicle control systems (for
spacecraft, trains, etc.), telephone switching systems, power distribution
systems, computer/communication networks, manufacturing process control
systems, computer operating systems, and parallel programs.

With respect to these various types of real-time systems, the development
of formal design and validation methods (with the exception of formal
evaluation methods) has been pursued, most actively, in the context of computer
operating systems and parallel programs. Although such systems are
considerably less complex than a fully integrated avionic system, we believe
this activity is representative of approaches that must be taken in the avionic
system context. In particular, we are referring here to work on formal
specifications, design languages, verification, and testing.

This report contains the results of a literature survey designed to classify
current literature on formal methods that might be meaningfully exploited in
the specification, design, and validation of avionic systems (where validation
includes verification, testing and evaluation). The specific literature searched
includes journal papers, conference papers, and technical reports published
during the last five years (beginning in 1977). The articles are classified
according to five topic areas: specification, design, verification, testing and
evaluation. Because the survey was completed in September 1981, no citations
appearing after that date are included in the resulting bibliography.

Two search modes were employed: a manual search of the major journals
and conference proceedings dealing with these areas, and a computer search
using automatic information retrieval services that exist at The University of
Michigan. Among the sources consulted for the manual search were IEEE
Transactions on Computers, IEEE Transactions on Software Engineering, IEEE
Transactions on Reliability, Journal of the ACM, Communications of the ACM,
Proceedings of the International Symposium on Fault Tolerant Computing, and
the bibliographies associated with the relevant articles in those sources. Where
possible, the bibliographies of the articles referred to by the first set of articles
were consulted, and the process was iterated. The automatic search was
performed using the facilities of Dialog Information Services, Inc., of Palo
Alto, CA. The specific data bases accessed were INSPEC [1977 to present] (The
Institution of Electrical Engineers) and COMPENDEX [1971 to present]
(Engineering Index, Inc.). Keywords used were


    Column 1            Column 2

    specification       formal
    verification        mathematical
    testing             theoretical
    design              petri net
    implementation      abstract data type
                        stochastic
                        initial algebra
                        data abstraction


Citations having at least one keyword from each of column 1 and column 2 were
flagged. In some cases, many citations were found for one of the above
combinations; additional words were then used to narrow the number of hits.
These words included "top down", "bottom up", "hierarchical", and "parallel."

The report is divided into five sections, corresponding to the five topic
areas: specification, design, verification, testing, and evaluation. Bibliographic
entries are listed according to the topic(s) they apply to. Hence, if an article
relates (appreciably) to more than one topic, its reference is listed in each
applicable section. Also, entries are listed first by year of publication, and then
within the year, alphabetically by the primary author's last name.
[4] E. Best, "A theorem on the characteristic of non-sequential
processes," Computing Lab., Univ. Newcastle upon Tyne, England,

mechanisms in CLU," CACM, vol. 20, pp. 564-576, Aug. 1977.

[14] M. E. Majster, "Limits of the 'algebraic' specification of abstract data
types," SIGPLAN Not., vol. 12, pp. 37-42, Oct. 1977.

[16] R. Milner, "Flowgraphs and flow algebras," Rep. CSR-5-77, Comp. Sci.
Dept., Univ. of Edinburgh, Edinburgh, Scotland, 1977.